Closed
Bug 1310518
Opened 8 years ago
Closed 8 years ago
Crash in __CFTypeCollectionRetain
Categories
(Core :: Widget: Cocoa, defect)
Tracking
()
RESOLVED
FIXED
mozilla52
Tracking | Status | |
---|---|---|
firefox49 | --- | unaffected |
firefox50 | --- | unaffected |
firefox51 | --- | unaffected |
firefox52 | --- | fixed |
People
(Reporter: kats, Assigned: Gijs)
References
Details
(Keywords: crash, regression)
Crash Data
Attachments
(2 files)
This bug was filed from the Socorro interface and is report bp-e7bb817d-8812-4f7f-8cf1-2f4442161016. ============================================================= I got this crash after saving a file download. I can reproduce this (2/2 so far anyway) and I'll try to make a reduced test case.
Reporter | ||
Comment 1•8 years ago
|
||
Load the file, click the button. It will prompt you to save a file (this is generated in JS). Then the browser crashes. 100% reproducible for me.
Reporter | ||
Comment 2•8 years ago
|
||
I can only repro in Nightly, other channels seem ok.
status-firefox49:
--- → unaffected
status-firefox50:
--- → unaffected
status-firefox51:
--- → unaffected
Keywords: regression
Reporter | ||
Comment 3•8 years ago
|
||
mozregression found this: https://hg.mozilla.org/integration/mozilla-inbound/pushloghtml?fromchange=b987bb9ad1a19f04b7223cca8aa098eb5f7782ed&tochange=176c3e7915d1cf685119066783607684876e9312
Blocks: 1305339
Reporter | ||
Comment 4•8 years ago
|
||
(In reply to Kartikaya Gupta (email:kats@mozilla.com) from comment #1) > Created attachment 8801598 [details] > Test case > > Load the file, click the button. It will prompt you to save a file (this is > generated in JS). Then the browser crashes. 100% reproducible for me. To clarify the STR, you have to actually save the file before the browser will crash.
Assignee | ||
Comment 5•8 years ago
|
||
Uh... having looked at the changes I made a second time, I don't know why they would cause this. Though actually, I suppose I would have made the code run (like at all) where it would have bailed out earlier, with some of the basic fixes that enabled this for non-release versions. So hopefully this is good news in that we're catching a bug that might have happened on release otherwise? I'm not sure what the error means. A bit of googling seems to suggest that maybe this type of collection doesn't like it if the value is null, so maybe we should nullcheck file/source/referrer URLs? Apparently either that, or we should create the dictionary differently (not sure if that's possible here because we get the dictionary from someone else and then get a mutable copy/reference somehow) or we should pass an explicit NSNull instead of an actuall nullptr. Not sure what would be best. Josh has left, so Markus, can you help me out?
Flags: needinfo?(mstange)
Assignee | ||
Updated•8 years ago
|
Flags: needinfo?(gijskruitbosch+bugs)
Comment hidden (mozreview-request) |
Assignee | ||
Updated•8 years ago
|
Flags: needinfo?(gijskruitbosch+bugs)
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → gijskruitbosch+bugs
Status: NEW → ASSIGNED
Comment 7•8 years ago
|
||
mozreview-review |
Comment on attachment 8805592 [details] Bug 1310518 - fix crashes when downloading files without referrer/source URL, https://reviewboard.mozilla.org/r/89346/#review88526
Attachment #8805592 -
Flags: review?(mstange) → review+
Assignee | ||
Updated•8 years ago
|
Flags: needinfo?(mstange)
Pushed by gijskruitbosch@gmail.com: https://hg.mozilla.org/integration/autoland/rev/2caaf35f549b fix crashes when downloading files without referrer/source URL, r=mstange
Comment 9•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/2caaf35f549b
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla52
You need to log in
before you can comment on or make changes to this bug.
Description
•